Lego block SIEM
November 24, 2021

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review

Overall Satisfaction with AlienVault OSSIM

As an organization, we leveraged AlienVault as a SIEM solution for ourselves and also as a managed services offering for our customers. The scope was to support environments from a security perspective, collecting logs and generating reports and analytics for the purposes of IT security. This included custom reporting, leveraging on-premises appliances, and delivery as security as a service.
  • Collection of logs
  • Pricing
  • Ability to customize reports
  • Out of the box reporting
  • Correlation of events
  • AI
  • Custom reporting
  • Log collection
  • Analytics
  • Costly appliances with low ROI
Originally my organization leveraged AlienVault due to the lower cost of entry and the ability to manage it as a service provider. Unfortunately, after several years of working with this tool, it became unwieldy to use, as it felt that almost every useful report had to be created by hand. As other tools have come out with the ability to do automated responses, such as Stellar Data processor, we have begun to evaluate alternatives.

Do you think AlienVault OSSIM delivers good value for the price?

No

Are you happy with AlienVault OSSIM's feature set?

No

Did AlienVault OSSIM live up to sales and marketing promises?

No

Did implementation of AlienVault OSSIM go as expected?

Yes

Would you buy AlienVault OSSIM again?

No

AlienVault is a good SIEM tool in general: it can collect logs, has the ability to create custom reports for the data that it gathers from both Windows systems and networking devices, and the reports, with some amount of finessing, can look as good as the organization spends time on them. The problem is that AlienVault, past these great abilities, falls short on doing anything else. It is an archaic SIEM solution that does nothing more than being a SIEM solution: there is very little out-of-the-box reporting that is useful, no ability to dynamically adapt to a customer's environment, and no AI built into the appliance. At the end of the day, the biggest problem that this product suffers from is that it is expensive for the value provided. If you are looking for a SIEM that does nothing more than just be a SIEM and you have a dedicated team to run it, AlienVault is a great tool; unfortunately, that’s all it can do.

AlienVault OSSIM Feature Ratings

  • Centralized event and log data collection: 9
  • Correlation: 5
  • Event and log normalization/management: 5
  • Deployment flexibility: 8
  • Integration with Identity and Access Management Tools: 6
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 5
  • Log retention: 9
  • Data integration/API management: 5
  • Behavioral analytics and baselining: 3
  • Rules-based and algorithmic detection thresholds: 3
  • Response orchestration and automation: 6
  • Reporting and compliance management: 9
  • Incident indexing/searching: 5